Andrew Hughes | The Blog Pros

December 4, 2021

Learn How to Use Vue and Spring Boot to Create a Single-Page App

In this tutorial, you'll create a single-page application (SPA) with a Spring Boot resource server and a Vue front-end client. You'll learn how to utilize JSON Web Tokens (JWTs) for authentication and authorization, using Spring Boot to configure the JWTs, with Okta as your OAuth 2.0 and OpenID Connect (OIDC) provider. You'll also learn how to use the Vue CLI to bootstrap a Vue client app and how to secure it using the Okta Sign-In Widget.

Okta is a computer security service provider with helpful information for safeguarding online applications. The Okta Sign-In Widget provides protection for front-end apps by letting you quickly add a secure login form that can be configured for single sign-on and social sign-on with external providers like Google, Facebook, and LinkedIn. It includes a PKCE implementation of the OAuth 2.0 authorization code flow (Proof Key for Code Exchange).

February 28, 2021

Build a Secure GraphQL API With MicroProfile

MicroProfile is an open-source community project with the goal to encourage the development of Java microservice solutions. It was created in 2016 in response to the changing needs of modern web development. In particular, it seeks to foster the development of smaller, less monolithic services (microservices) that can run on faster release cycles than the typical, old-school Enterprise Java application. Shortly after its creation, it joined the Eclipse foundation.

MicroProfile, in essence, is a set of specifications and standards agreed upon by a community of developers that allows for “write once, run anywhere” in the Java microservice ecosystem. There are currently around nine compliant runtimes for MicroProfile, including Apache TomEE, Quarkus, and Open Liberty. A program written for one can be seamlessly run on another. The community also serves as an incubator for new ideas within Enterprise Java and microservice architectures.

January 8, 2021

How to Use Quarkus and Java to Secure Kafka Streams

Today you will learn how to use Quarkus and Apache Kafka to create a scalable and secure web application. We will use Kafka Streams and a small Kafka cluster to take data from a server to a client application as a real-time stream. We will also be securing the Kafka cluster with SSL and SASL/JAAS password protection. Lastly, you will secure the Quakrus client application using OAuth 2.0 and OIDC with Okta as the OIDC provider.

The architects of both Apache Kafka and Quarkus designed them for use in scalable clusters. Quarkus is a container-first Kubernetes Java framework that you’ll use to create a scalable, Java-based REST service and client application. It’s a high-performing tool for serverless and microservice environments. The container-first design packages the runtime environment along with the compiled code, allowing you to tightly optimize both and avoid the unwelcome surprises that can come along with operating system updates on servers. Developers build Quarkus apps with Java standard technologies, such as JAX-RS for REST interfaces, JPA for data modeling and persistence, and CDI for dependency injection.

July 2, 2020

Spring Cloud Stream: A Brief Guide

This article will teach you how to create a Spring Cloud Stream app that works with a messaging service (like Apache Kafka, RabbitMQ, etc.), You’ll be using functional, reactive code—leveraging Spring’s WebFlux—and Spring Cloud Stream’s functional building model,

Today, you are going to make an app that has a publisher, a processor, and a consumer. It will leverage two topics to publish a stream of integers, process the integers to calculate a running total, and consume the processed data. In the beginning, these messages will be simple (strings/integers)—but later you’ll see how Spring Cloud Stream makes mapping POJOs (Plain Old Java Objects) to messages using JSON mapping simple!

January 13, 2020

Build a Simple Netty Application With and Without Spring

As an asynchronous, non-blocking input/output (NIO) framework, Netty is used for the rapid development of maintaining highly scalable protocol servers and clients. Building low-level network servers and clients is relatively straightforward with Netty. Developers can work on the socket level (e.g. creating original communication protocols between clients and servers).

Blocking and non-blocking unified APIs, amenable threading model, and SSL/TLS are all supported by Netty. All requests run asynchronously on an individual thread with a non-blocking server. (The event loop shouldn’t be blocked by the function.) This contradicts operations performed in a blocking server model, which usually uses a separate thread to run each request. Without the need for switching or creating threads when the load increases, the non-blocking model decreases overhead and allows for faster development as traffic expands.

November 6, 2019

Building a Java App With Gradle

Build a Java web app with Gradle!

Gradle and Maven are two major build systems in the Java universe. Build systems are used for executing intricate webs of dependencies compiling the project, as well as bundling the resource and metafiles into the final .war or .jar file.

Both Maven and Gradle systems are awesome to work with. However, I prefer Gradle for a more complicated project. In this tutorial, I’ll cover everything you ever wanted to know about building a Java application with Gradle.

October 24, 2019

Containerize Spring Boot Apps Using Docker and Jib

We like the cut of your Jib.

We live in a world where we strive to scale automation as much as possible. Whether it’s offering cloud-based deployments, microservices, or containerization, we work to make things as efficient as possible.

Containerization bundles an application along with all of its configuration libraries, files, and dependencies to run in a bug-free automatable process across different environments and platforms. A popular ecosystem for containerizing apps is Docker.

October 3, 2019

Secure a Spring Boot App With Spring Security and PreAuthorize

In this tutorial, we’ll look into a couple of methods for implementing authentication and authorization in Spring Boot using Spring Security. The first way focuses on overriding the original setting on the HttpSecurity object by building WebSecurityConfigurerAdapter and using the fluent API. The second method, which is also the main focus of this tutorial, is to use method-level security — also known as the @PreAuthorize annotation on controller method.

Let’s take a look at HttpSecurity first. This method is universal and is applied to all requests. The pattern matching for endpoints and fluent API exposed by HttpSecurity is great for building universal authentication policies. This is also where implementation options, such as OAuth 2.0, Form Login, and HTTP Basic are exposed.

September 19, 2019

Secure a REST API With MicroProfile and JWT Authentication

Don't sleep on REST API security

In today’s tutorial, you will learn how to secure a REST API using JSON Web Token (JWT) authentication. We will build it using Eclipse MicroProfile. We will also be using Okta’s free developer account as the OAuth provider for role-based authorization.

To get started, I'll first define some terms.

May 22, 2019

Secure Your JHipster App With Social Login

Social login and JHipster, together, offer a simple and secure option for your customer-facing app. With social login, you can support the vast majority of your users who already have an account with Facebook or Google. In this tutorial, you are going to integrate two social login providers: Google and Facebook. You are also going to use two Okta features that allow you to customize the authentication experience: hosted logins and custom authorization server domains.

Create a Spring Boot + Angular App With JHipster

JHipster is an open-source project that allows you to generate a Spring Boot and Angular application quickly and easily. It even contains support for Okta out of the box! To use JHipster, you’ll need to have Node.js 10 and Java 8 installed. Then, run the following command to install JHipster:

May 16, 2019

Build a Simple Spring Boot App With Spring Data JPA and Postgres

Just about every application needs a way to save and update data, typically a resource server that is accessible via HTTP. Generally, this data must be secured. Within the Java ecosystem, Spring makes building secure resource servers for your data simple. When coupled with Okta for secure user management, you get professionally maintained OAuth 2.0 and JWT technologies easily integrated into Spring Boot via Spring Security.

In this tutorial, you’re going to build a resource server using Spring Boot and Spring Data JPA. On top of that, you’re going to implement a group-based authentication and authorization layer using OAuth 2.0.

March 18, 2019

Integrate Social Login Into Your Spring Boot App

You’ve probably seen social login options with just about every username and password field on the Internet. And it's not hard to see why allowing users to sign-in with credentials they’ve already created is a popular option.

But how do you make sure your login API is ready to handle every time a social provider updates their specification? Not to mention implementing all the different specs from different providers. That’s where Okta comes in.